<?php
/**
 * 护照.
 * 
 * 记录通过安检的用户信息,主要用于规定$id,$name
 * 
 * @author Leo Ning <leo.ning@like18.com>
 * @version 1.0
 * @since 1.0
 * @copyright 2008-2011 LIKE18 INC.
 * @package core 
 */
class Passport {
	public $uid = ''; // 用户ID
	public $account = ''; // 账户
	public $name = ''; // 用户姓名
	public $login_time = ''; // 登录时间
	public $login_ip = ''; // 登录IP
	public $type = ''; // 账户类型
	public $signed = false; // 是否已经验证身份
	private $properties = array (); // 用户的属性
	private $types = null;
	public function __construct($id = 0) {
		$this->uid = $id;
	}
	public function __get($name) {
		if (isset ( $this->properties [$name] )) {
			return $this->properties [$name];
		}
		return null;
	}
	public function __set($name, $value) {
		$this->properties [$name] = $value;
	}
	/**
	 * 	 
	 * 用户可以干某件事情不
	 *
	 * @param mixed $op
	 * 操作
	 * @param string $resource
	 * 被操作对象
	 * @return mixed 无权操作时返回false,反之返回extra信息
	 */
	public function cando($op, $resource) {
		return ucando ( $op, $resource, $this->uid );
	}
	/**
	 * 
	 * 得到用户类型(部门,分组,城市,等等)
	 *
	 * @uses get_user_types filter the arg is empty array
	 * @return array array(array('type'=>'type name','id'=>'type
	 * id','name'=>'type name'))
	 */
	public function types() {
		if ($this->types == null) {
			$this->types = apply_filter ( 'get_user_types', array (), $this->uid );
		}
		return $this->types;
	}
}
/**
 * 我是谁,意即得到我的信息(护照)
 *
 * @uses get_current_user filter the arg is a Passport instance
 * @param int $id
 * 用户编号
 * @param boolean $re
 * 是否重新加载
 * @return Passport 我的信息
 */
function whoami($id = 0, $re = false) {
	global $__whoami;
	if ($re || ! isset ( $__whoami [$id] ) || empty ( $__whoami [$id]->uid )) {
		$whoami = new Passport ( $id );
		$__whoami [$id] = apply_filter ( 'get_user_passport', $whoami );
	}
	return $__whoami [$id];
}
/**
 *
 * 当前用户是否拥有某个角色
 *
 * @param string $role
 * 角色名
 * @param string $role_type
 * 角色类型
 */
function iam($role, $role_type) {
	$I = whoami ();
	$types = $I->types ();
	foreach ( $types as $type ) {
		if ($type ['type'] == $role_type && $type ['name'] == $role) {
			return true;
		}
	}
	return false;
}
/**
 * Can I do some operation on resource? If I can return true, else return false
 *
 * @uses whomai 取得当前用户护照
 * @uses ucando 判断权限
 * @param string $op
 * 操作
 * @param string $resource
 * 资源
 * @param string $type        	
 * @return mixed 无权操作时返回false,反之返回extra信息
 */
function icando($op, $resource, $type = "") {
	$I = whoami ();
	return ucando ( $op, $resource, $I->uid, $type );
}
/**
 * Can you/she/he do some operation on resource? If I can return true, else
 * return false
 *
 * @global IRbac
 * @uses apply_filter 触发get_rbac_driver过滤器,来获取系统权限管理实例.
 * @param string $op
 * 操作
 * @param string $resource
 * 资源
 * @param mixed $id
 * 访问者标识,建议使用int或string型,长度不应长于32
 * @param string $type        	
 * @return mixed 无权操作时返回false,反之返回extra信息
 */
function ucando($op, $resource, $id, $type = "") {
	global $__rbac;
	if (empty ( $id )) {
		$I = whoami ();
		$id = $I->uid;
	}
	$type = empty ( $type ) ? 'USER' : $type;
	if ($__rbac == null) {
		$__rbac = apply_filter ( 'get_rbac_driver', $__rbac );
	}
	if ($__rbac == null) { // 未提供权限管理模块时
		return true;
	}
	if ($__rbac && method_exists ( $__rbac, 'icando' )) {
		return $__rbac->icando ( $op, $resource, $id, $type );
	}
	return false;
}
/**
 * 用户是否登录了
 *
 * @param string $redirect
 * 未登录时是否跳到登录页面
 * @return mixed 登录返回用户的Passport,否则返回false.
 */
function check_login($redirect = '', $userType = 'admin') {
	$i = whoami ();
	if (empty ( $redirect )) {
		return $i->signed && $i->type == $userType ? $i : false;
	} else if (! $i->signed || $i->type != $userType) {
		if (! isset ( $_SERVER ["HTTP_X_AJAX_TYPE"] )) {
			echo "<html><head><script type='text/javascript'>var win = window;while (win.location.href != win.parent.location.href) {win = win.parent;} win.location.href = '{$redirect}';</script></head><body></body></html>";
		} else {
			status_header(401);//需要登录验证
			@header ( 'X-AJAX-REDIRECT: ' . $redirect );
		}
		Response::close ( true );
	}
	return $i;
}
/**
 * 
 * 发送需要验证消息
 * 
 * @param string $page_name 中转页面名称
 * @param string $redirect 验证成功后跳转到的地址
 */
function need_transit($transit,$redirect = '', $keep_request = false) {
	if ($keep_request !== false) {
		rqsave ($keep_request);
	}
	if (! isset ( $_SERVER ["HTTP_X_AJAX_TYPE"] )) {
		echo "<html><head><script type='text/javascript'>var win = window;while (win.location.href != win.parent.location.href) {win = win.parent;} try{ if(win.showTransitDialog){ win.showTransitDialog('{$transit}','{$redirect}',false);} } catch(e){};</script></head><body></body></html>";
	} else {
		status_header(401);
		@header ( 'X-AJAX-REDIRECT: ' . $redirect );
		@header ( "X-AJAX-TRANSIT: $transit" );
	}
	Response::close ( true );
}